Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/3ttocDbKMotN7mWsQhGd12_7EqI.roa
File: 3ttocDbKMotN7mWsQhGd12_7EqI.roa (raw, json)
Hash identifier: rcEt7Edrl/p+OHHx/1cOUq67iHWKbaBAhn4v6bKQFyw=
Subject key identifier: DE:DB:68:70:36:CA:32:8B:4D:EE:65:AC:42:11:9D:D7:6F:FB:12:A2
Certificate issuer: /CN=e9052499b0003ea0eeaea2426338c34e0bf8fdcf
Certificate serial: 018D3C4109C9F2936C041819DE4EF476DCBC
Authority key identifier: E9:05:24:99:B0:00:3E:A0:EE:AE:A2:42:63:38:C3:4E:0B:F8:FD:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QUkmbAAPqDurqJCYzjDTgv4_c8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/3ttocDbKMotN7mWsQhGd12_7EqI.roa
Signing time: Wed 24 Jan 2024 16:15:11 +0000
ROA not before: Wed 24 Jan 2024 16:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201608
IP address blocks: 185.69.68.0/23 maxlen: 23
193.108.25.0/24 maxlen: 24
193.108.26.0/24 maxlen: 24
2a0f:8bc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/6QUkmbAAPqDurqJCYzjDTgv4_c8.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/6QUkmbAAPqDurqJCYzjDTgv4_c8.mft
rsync://rpki.ripe.net/repository/DEFAULT/6QUkmbAAPqDurqJCYzjDTgv4_c8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:41:09:c9:f2:93:6c:04:18:19:de:4e:f4:76:dc:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9052499b0003ea0eeaea2426338c34e0bf8fdcf
Validity
Not Before: Jan 24 16:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dedb687036ca328b4dee65ac42119dd76ffb12a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3c:c9:03:7d:f1:47:2e:e1:e4:d3:5f:b6:c6:
b8:79:c9:7a:4f:ae:cd:b4:92:00:b8:3f:bc:03:e2:
b6:0e:e0:e3:ee:48:b7:1a:29:a2:ee:21:b6:10:b7:
e2:4c:dc:45:3b:c6:a9:e2:f3:40:f4:b1:2e:6f:4f:
a1:f3:cc:fd:5c:cd:27:73:78:a9:43:43:00:2c:26:
ad:1f:60:0d:a1:61:c6:cd:6a:65:7b:55:7b:e7:ca:
45:d3:a6:43:90:4a:18:bd:39:77:db:ac:ca:15:f5:
f0:ba:bb:8c:16:cc:46:c9:be:d7:5a:ad:de:5b:9d:
49:65:45:2b:db:e6:ce:63:15:ff:c1:0c:73:34:24:
77:2d:f8:31:84:04:7c:ba:2e:60:87:67:22:d2:84:
4a:a0:38:3a:ed:a8:ec:c6:ea:24:6a:92:70:92:b5:
d8:29:cb:5d:69:8c:3e:7d:df:26:7e:ae:10:b5:9f:
c3:15:7c:11:4e:c6:d1:1e:a1:63:6a:91:61:44:5e:
63:0a:50:b0:45:ae:1a:17:6f:35:c5:4c:e9:34:1f:
ed:d9:c0:ec:e3:29:12:63:8d:37:2c:96:1a:cb:a3:
a2:1e:95:d8:95:63:2b:f8:1f:2f:b5:00:44:b4:a4:
d5:0d:85:3e:ce:18:7a:69:88:5f:c2:8c:e0:50:bc:
76:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:DB:68:70:36:CA:32:8B:4D:EE:65:AC:42:11:9D:D7:6F:FB:12:A2
X509v3 Authority Key Identifier:
keyid:E9:05:24:99:B0:00:3E:A0:EE:AE:A2:42:63:38:C3:4E:0B:F8:FD:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QUkmbAAPqDurqJCYzjDTgv4_c8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/3ttocDbKMotN7mWsQhGd12_7EqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/787a96-fb0d-432a-8428-710ef47732b0/1/6QUkmbAAPqDurqJCYzjDTgv4_c8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.68.0/23
193.108.25.0-193.108.26.255
IPv6:
2a0f:8bc0::/32
Signature Algorithm: sha256WithRSAEncryption
80:52:99:3d:14:c8:db:d7:e0:80:09:1c:1b:ac:07:50:b9:d3:
57:64:32:e7:33:9b:2f:c9:b3:05:c9:24:a4:e7:c0:ee:8c:5f:
83:08:e6:b5:0e:b5:9a:95:70:a8:14:d4:b9:14:ad:97:79:08:
cc:72:87:4f:f7:a9:41:a6:61:db:7c:86:87:cd:e3:6d:0f:5f:
4f:d8:13:cb:f5:47:76:73:36:39:2f:52:c4:00:61:d8:9f:1e:
70:6d:88:e7:17:a8:ae:92:10:7f:81:3e:22:b7:de:b1:1e:69:
ce:b7:1e:80:55:a5:2e:d0:b3:7b:73:bb:84:c0:8a:76:32:bd:
34:6d:6d:c7:ef:4c:b3:50:d8:7e:9b:be:40:2f:55:d1:54:e3:
ff:cb:fe:9e:6b:94:67:4f:32:ec:05:d8:83:7a:cc:d0:07:42:
f9:8b:d9:29:8f:cf:42:4f:64:08:1b:4c:d4:af:a5:ee:cc:b4:
d4:e5:be:8b:81:af:80:78:f4:52:21:0f:17:50:09:2c:0b:e5:
14:49:c2:f6:8f:23:7e:e6:6e:33:d8:ae:63:cd:44:52:80:dd:
66:10:49:f1:31:84:0c:d3:00:d5:82:ff:63:e6:8e:33:72:b0:
cf:1e:bd:73:cf:ea:83:74:8e:3c:b5:57:97:58:35:34:9e:92:
14:44:d8:9c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY08QQnJ8pNsBBgZ3k70dty8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDUyNDk5YjAwMDNlYTBlZWFlYTI0MjYzMzhjMzRlMGJm
OGZkY2YwHhcNMjQwMTI0MTYxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWRiNjg3MDM2Y2EzMjhiNGRlZTY1YWM0MjExOWRkNzZmZmIxMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTzJA33xRy7h5NNftsa4ecl6T67N
tJIAuD+8A+K2DuDj7ki3Gimi7iG2ELfiTNxFO8ap4vNA9LEub0+h88z9XM0nc3ip
Q0MALCatH2ANoWHGzWple1V758pF06ZDkEoYvTl326zKFfXwuruMFsxGyb7XWq3e
W51JZUUr2+bOYxX/wQxzNCR3LfgxhAR8ui5gh2ci0oRKoDg67ajsxuokapJwkrXY
KctdaYw+fd8mfq4QtZ/DFXwRTsbRHqFjapFhRF5jClCwRa4aF281xUzpNB/t2cDs
4ykSY403LJYay6OiHpXYlWMr+B8vtQBEtKTVDYU+zhh6aYhfwozgULx2CQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFN7baHA2yjKLTe5lrEIRnddv+xKiMB8GA1UdIwQY
MBaAFOkFJJmwAD6g7q6iQmM4w04L+P3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFVa21iQUFQcUR1cnFKQ1l6akRUZ3Y0X2M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83ODdhOTYtZmIwZC00MzJhLTg0Mjgt
NzEwZWY0NzczMmIwLzEvM3R0b2NEYktNb3RON21Xc1FoR2QxMl83RXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83ODdhOTYtZmIwZC00MzJhLTg0MjgtNzEwZWY0NzczMmIw
LzEvNlFVa21iQUFQcUR1cnFKQ1l6akRUZ3Y0X2M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQBuUVEMAwD
BADBbBkDBADBbBowDQQCAAIwBwMFACoPi8AwDQYJKoZIhvcNAQELBQADggEBAIBS
mT0UyNvX4IAJHBusB1C501dkMuczmy/JswXJJKTnwO6MX4MI5rUOtZqVcKgU1LkU
rZd5CMxyh0/3qUGmYdt8hofN420PX0/YE8v1R3ZzNjkvUsQAYdifHnBtiOcXqK6S
EH+BPiK33rEeac63HoBVpS7Qs3tzu4TAinYyvTRtbcfvTLNQ2H6bvkAvVdFU4//L
/p5rlGdPMuwF2IN6zNAHQvmL2SmPz0JPZAgbTNSvpe7MtNTlvouBr4B49FIhDxdQ
CSwL5RRJwvaPI37mbjPYrmPNRFKA3WYQSfExhAzTANWC/2PmjjNysM8evXPP6oN0
jjy1V5dYNTSekhRE2Jw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:07 2024 by rpki-client on console-fra.rpki-client.org